package cn.portx.frame;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import com.bstek.bdf3.jpa.JpaUtil;
import com.bstek.bdf3.saas.Constants;
import com.bstek.bdf3.saas.domain.Organization;
import com.bstek.bdf3.security.orm.OrganizationSupport;

import cn.portx.frame.entity.UserEntity;
import cn.portx.frame.service.SyncServiceImpl;

/**
 * 从港融平台同步用户数据到货代系统，必须是master下的用户才有权限进行该操作
 * 
 * @author Administrator
 *
 */
@RestController
public class SyncController {

	@Autowired
	private SyncServiceImpl syncServiceImpl;

	@Autowired
	protected PasswordEncoder passwordEncoder;

	@RequestMapping(value = "/sync-user", method = RequestMethod.POST)
	@ResponseBody
	public synchronized String syncUser(@RequestBody List<Map<String, Object>> users, @RequestHeader(value = "username", required = false) String username,
			@RequestHeader(value = "password", required = false) String password) {
		List<String> errors = new ArrayList<String>();
		if (StringUtils.isEmpty(username)) {
			Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
			if (authentication == null) {
				errors.add("必须提供用户名密码！");
			} else {
				if (authentication instanceof AnonymousAuthenticationToken) {
					errors.add("必须提供用户名密码！");
				} else {
					OrganizationSupport os = (OrganizationSupport) authentication.getPrincipal();
					if (!Constants.MASTER.equals(((Organization) os.getOrganization()).getId())) {
						errors.add("您无权进行该操作！");
					}
				}
			}
		}
		if (errors.isEmpty()) {
			List<UserEntity> ueList = JpaUtil.linq(UserEntity.class).idEqual(username).equal("password", this.passwordEncoder.encode(password)).list();
			if (ueList.isEmpty()) {
				errors.add("用户名或密码错误！");
			} else {
				UserEntity ue = ueList.get(0);
				if (!Constants.MASTER.equals(ue.getOrgId())) {
					errors.add("您无权进行该操作！");
				}
			}
		}
		if (errors.isEmpty())
			for (Map<String, Object> user : users) {
				String error = this.syncServiceImpl.syncUser(user);
				if (error != null)
					errors.add(error);
			}
		return StringUtils.join(errors, "|");
	}

	@RequestMapping(value = "/change-pwd")
	@ResponseBody
	public String updatePwd(@RequestHeader String timestamp, @RequestHeader String sign, @RequestHeader String desUsername, @RequestHeader String newPwd) {
		try {
			this.syncServiceImpl.updatePwd(timestamp, sign, desUsername, newPwd);
			return null;
		} catch (Exception e) {
			e.printStackTrace();
			if(e instanceof NullPointerException){
				return "NullPointerException";
			}
			return e.getMessage();
		}
	}
}
